Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/qr0IhJO6KigfVEFKJO1u0yAEluw.roa
File: qr0IhJO6KigfVEFKJO1u0yAEluw.roa (raw, json)
Hash identifier: 0CJ8waIOTgg1WAY10B6BNo1X2rBkkRh3MkOn7WPh8oE=
Subject key identifier: AA:BD:08:84:93:BA:2A:28:1F:54:41:4A:24:ED:6E:D3:20:04:96:EC
Certificate issuer: /CN=86d648bdba965461b1e8c11b9dd436c61382873c
Certificate serial: 019420685BC3B5603F13DCFFF3DA70FB6430
Authority key identifier: 86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/qr0IhJO6KigfVEFKJO1u0yAEluw.roa
Signing time: Wed 01 Jan 2025 05:48:17 +0000
ROA not before: Wed 01 Jan 2025 05:48:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 215789
IP address blocks: 147.45.44.0/24 maxlen: 24
147.45.47.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 30 Jan 2025 19:09:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:68:5b:c3:b5:60:3f:13:dc:ff:f3:da:70:fb:64:30
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86d648bdba965461b1e8c11b9dd436c61382873c
Validity
Not Before: Jan 1 05:48:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=aabd088493ba2a281f54414a24ed6ed3200496ec
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:81:8b:fc:b2:ca:23:9f:96:e3:b1:17:f0:63:
31:e5:15:85:ed:ce:8b:f3:47:b2:28:12:7e:3f:eb:
4d:5b:0c:d1:0d:20:e5:e0:fc:82:c1:86:be:81:67:
86:3e:ff:d4:c8:86:39:35:a1:19:1c:44:cb:f5:85:
cc:3f:9c:9c:b8:76:fd:85:33:32:4f:7c:88:e2:b2:
e5:a3:df:be:d6:2a:f2:cf:2a:8f:b5:37:1e:de:07:
6d:7a:38:2f:30:e2:8d:ab:a1:88:31:91:f0:6a:66:
43:e7:2b:c4:ca:2a:f9:99:0f:d8:b5:06:55:cb:db:
5c:97:48:cd:41:6e:71:40:ed:3c:d5:da:6c:91:4d:
75:d2:39:cc:b0:12:89:52:59:4f:ba:03:b6:38:6c:
3b:57:88:f0:e8:cb:f2:54:b7:4b:a3:d5:30:ae:f1:
3d:ca:c5:cc:b9:23:9e:42:fa:da:37:e1:75:a9:8a:
4a:76:bb:77:f0:de:85:65:73:d4:1d:f6:d1:3c:ff:
11:e3:b6:51:2a:57:60:6d:79:7b:3a:91:04:47:a5:
16:f6:d2:54:b5:c3:c3:f3:cf:a2:41:f8:7d:e4:f7:
9e:5e:86:d1:9c:77:b9:e9:a0:b6:69:bd:7e:c7:8d:
0b:ff:49:0b:50:cb:61:9e:6c:01:bf:87:76:20:b0:
e9:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AA:BD:08:84:93:BA:2A:28:1F:54:41:4A:24:ED:6E:D3:20:04:96:EC
X509v3 Authority Key Identifier:
keyid:86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/qr0IhJO6KigfVEFKJO1u0yAEluw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/htZIvbqWVGGx6MEbndQ2xhOChzw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
147.45.44.0/24
147.45.47.0/24
Signature Algorithm: sha256WithRSAEncryption
37:a3:04:14:61:a0:ec:9c:4b:47:fe:32:dd:09:d8:86:29:5a:
6a:99:bf:58:bd:22:ff:d6:9c:a8:d4:94:70:7a:7f:6b:58:67:
f1:97:de:02:b5:ca:47:47:f7:1a:c9:2f:e6:10:80:d6:a9:f2:
85:d9:68:90:6e:23:26:9a:5c:e2:11:84:19:79:16:4e:40:cc:
6f:02:10:e9:6a:e3:e1:cd:b1:17:e4:da:13:5f:1c:ba:8d:2c:
e0:db:e5:fe:e0:f2:16:42:44:f8:20:46:48:8b:18:6d:a7:e0:
eb:2f:f6:f9:3b:9b:f9:fb:f9:e4:42:b4:c4:75:56:a6:1c:a0:
97:94:c8:69:92:37:70:ad:e3:a7:50:52:e9:f5:c1:ab:0e:6d:
8c:1d:dd:72:a4:fb:e0:86:6b:2d:85:45:19:c3:b3:3d:07:61:
87:24:1b:00:60:3d:07:0d:05:41:9a:32:0a:d9:f2:20:02:b6:
4e:8e:ff:fe:38:9b:ff:d5:38:a2:0f:bf:8d:89:ab:dd:de:70:
79:94:47:b8:28:18:a3:43:05:52:66:eb:df:c9:cb:f6:ee:ac:
b6:8b:58:c1:1f:6a:b9:ca:f5:53:29:93:f0:32:22:d6:39:83:
94:fc:f2:90:e6:6e:4b:93:3c:8b:b1:c7:fc:f1:89:9d:9c:e3:
38:bf:7a:66
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQgaFvDtWA/E9z/89pw+2QwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2ZDY0OGJkYmE5NjU0NjFiMWU4YzExYjlkZDQzNmM2MTM4
Mjg3M2MwHhcNMjUwMTAxMDU0ODE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYWJkMDg4NDkzYmEyYTI4MWY1NDQxNGEyNGVkNmVkMzIwMDQ5NmVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0IGL/LLKI5+W47EX8GMx5RWF7c6L
80eyKBJ+P+tNWwzRDSDl4PyCwYa+gWeGPv/UyIY5NaEZHETL9YXMP5ycuHb9hTMy
T3yI4rLlo9++1iryzyqPtTce3gdtejgvMOKNq6GIMZHwamZD5yvEyir5mQ/YtQZV
y9tcl0jNQW5xQO081dpskU110jnMsBKJUllPugO2OGw7V4jw6MvyVLdLo9UwrvE9
ysXMuSOeQvraN+F1qYpKdrt38N6FZXPUHfbRPP8R47ZRKldgbXl7OpEER6UW9tJU
tcPD88+iQfh95PeeXobRnHe56aC2ab1+x40L/0kLUMthnmwBv4d2ILDpuQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFKq9CISTuiooH1RBSiTtbtMgBJbsMB8GA1UdIwQY
MBaAFIbWSL26llRhsejBG53UNsYTgoc8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHRaSXZicVdWR0d4Nk1FYm5kUTJ4aE9DaHp3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy9hYzU4ZWEtYzQ1OS00OGNhLWI4MmIt
NGRlYzRkYWZlZTQ5LzEvcXIwSWhKTzZLaWdmVkVGS0pPMXUweUFFbHV3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYy9hYzU4ZWEtYzQ1OS00OGNhLWI4MmItNGRlYzRkYWZlZTQ5
LzEvaHRaSXZicVdWR0d4Nk1FYm5kUTJ4aE9DaHp3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAky0sAwQA
ky0vMA0GCSqGSIb3DQEBCwUAA4IBAQA3owQUYaDsnEtH/jLdCdiGKVpqmb9YvSL/
1pyo1JRwen9rWGfxl94CtcpHR/cayS/mEIDWqfKF2WiQbiMmmlziEYQZeRZOQMxv
AhDpauPhzbEX5NoTXxy6jSzg2+X+4PIWQkT4IEZIixhtp+DrL/b5O5v5+/nkQrTE
dVamHKCXlMhpkjdwreOnUFLp9cGrDm2MHd1ypPvghmsthUUZw7M9B2GHJBsAYD0H
DQVBmjIK2fIgArZOjv/+OJv/1TiiD7+Niavd3nB5lEe4KBijQwVSZuvfycv27qy2
i1jBH2q5yvVTKZPwMiLWOYOU/PKQ5m5LkzyLscf88YmdnOM4v3pm
-----END CERTIFICATE-----
Generated at Wed Apr 9 03:22:48 2025 by rpki-client